Dark Side of the IoT? Shodan Search Engine


Is the Shodan search engine a Google for hackers, or a force for good?

Originally put together in 2009 to help large tech companies gauge usage of their devices, the Shodan search engine allows users to access webcams, video doorbells, and other IoT devices left wide open with no password protection.

The search engine, now primarily used by hackers, voyeurs and a few researchers, can reportedly bring up password protected devices as well, but the engine’s users have helpfully provided lists of the most often used passwords to help bypass that little obstacle. One issue is that people aren’t aware of the need to secure their IoT devices or leave them set with the generic default password given to them by the manufacturer.

According to a Jan 25 article on Vocativ, anyone using Shodan can watch those webcams and devices, peeking into everything from daycare centers and nurseries to marijuana plantations and scientific labs, all with an accompanying map showing their location. Those that pay the $49 a month membership get to watch the full feeds.

Related: Why IoT security remains abysmal

Daniel Miessler, an IT professional, has stated in a blog post that the search engine also brings up devices on SCADA, a communications protocol for industrial IoT devices such as the electric grid, as well as traffic lights.

“It’s interesting, it’s exciting, it’s frightening,” he wrote.

Check Point Software, a security specialist, dubbed Shodan as “Google for hackers” and noted that Shodan has been used in a massive UK data hack that exposed data such as family photographs, medical records and bank statements. “This was due to security flaws in Iomega hard drives which were used to back up personal and business data,” Check Point stated.

The company stated that Shodan can identify the physical location of any Internet-connected equipment – everything from webcams to power plants — as well as its IP address, and often even what type of software it’s running.

“This provides sufficient information for hackers to carry out targeted attacks,” the company stated in a Jan. 4 threat alert.

Shodan’s founder told Softpedia that the tool has been used to secure hundreds of thousands of devices on the Internet, with the “most recent example is the leaking of data via public MongoDB instances, which were only detected and secured because of Shodan.” He said Shodan is not an anonymous service and hackers will continue to use tools they have been using long before Shodan’s existence.

Related: Three modes of entry for IoT hackers

Want more? Check out our most-read content:

White Paper: How to ‘Future-Proof’ a Streaming Analytics Platform
Research from Gartner: Real-Time Analytics with the Internet of Things
E-Book: How to Move to a Fast Data Architecture
The Value of Bringing Analytics to the Edge
Three Types of IoT Analytics: Approaches and Use Cases
Video — Plat.One CEO: Enterprise IoT Doesn’t Have to Be Hard
Three Types of IoT Analytics: Approaches and Use Cases

Liked this article? Share it with your colleagues!

Sue Walsh

About Sue Walsh

Sue Walsh is News Writer for RTInsights, and a freelance writer and social media manager living in New York City. Her specialties include tech, security and e-commerce. You can follow her on Twitter at @girlfridaygeek.

Leave a Reply

Your email address will not be published. Required fields are marked *